Libhtp Oisf Libhtp


By the Year

In 2026 there have been 0 vulnerabilities in Oisf Libhtp. Last year, in 2025, Libhtp had 1 security vulnerability published. Right now, Libhtp is on track to have fewer security vulnerabilities in 2026 than it did last year.

Year Vulnerabilities Average Score
2026 0 0.00
2025 1 0.00
2024 3 7.50
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 2 0.00

It may take a day or so for new Libhtp vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Oisf Libhtp Security Vulnerabilities

Memory Leak in LibHTP <=0.5.50 (CVE-2025-53537)
CVE-2025-53537 - July 23, 2025

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To work around this issue, set `app-layer.protocols.http.libhtp.default-config.lzma-enabled` to false in `suricata.yaml`. This issue is fixed in version 0.5.51.

Memory Leak

LibHTP 0.5.48 Remote DoS via Header Size Exploit
CVE-2024-45797 7.5 - High - October 16, 2024

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49.

Allocation of Resources Without Limits or Throttling

LibHTP <=0.5.46 DOS: Excessive CPU via Malformed HTTP
CVE-2024-28871 - April 04, 2024

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.

LibHTP <0.5.46 DoS via excessive header processing
CVE-2024-23837 7.5 - High - February 26, 2024

LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.

Allocation of Resources Without Limits or Throttling

In OISF LibHTP before 0.5.31
CVE-2019-17420 - October 10, 2019

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26
CVE-2018-10243 - April 04, 2019

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.
